Du ser en gammel version af denne side. Se den nuværende version.

Sammenlign med nuværende Vis sidehistorik

« Forrige Version 14 Næste »

Testings

ObjectComment / LinkStatus
ELK StackAn excellent Guide for Ubuntu 14.04 is at https://www.digitalocean.com/community/tutorials/how-to-install-elasticsearch-logstash-and-kibana-elk-stack-on-ubuntu-14-04TESTED
TopBeat https://www.digitalocean.com/community/tutorials/how-to-gather-infrastructure-metrics-with-topbeat-and-elk-on-ubuntu-14-04 TESTED
PacketBeat https://z0z0.me/monitor-your-servers-with-elasticsearch-2-x-and-beats-and-display-it-in-kibana/TESTET
GeoIP Support https://www.digitalocean.com/community/tutorials/how-to-map-user-location-with-geoip-and-elk-elasticsearch-logstash-and-kibana 

TESTED

Gave som field challenges, and I had to delete the filebeat index.

Tomcat Log Parsinghttps://blog.lanyonm.org/articles/2014/01/12/logstash-multiline-tomcat-log-parsing.html  NOT TESTED

 

Tips

Make sure the server time is correct for all servers (smil) as in use NTP.

This actually gave me a problem where logstash => ElasticSearch did not work

Delete indexes

curl -XDELETE http://localhost:9200/filebeat*

 

Sample filebeat config for my Confluence Server

      paths:
        - /var/log/auth.log
        - /var/log/syslog
      document_type: syslog
      input_type: log
    -
      paths:
        - /var/log/apache2/www.mos-eisley.dk-*.log
      document_type: apache
      input_type: log
    -
      paths:
        - /data/www/Fordor.log
        - /data/www/Baghus.log
      document_type: camfileslog
      input_type: log

 

Sample filebeat config for my Alfresco Server

     paths:
        - /var/log/auth.log
        - /var/log/syslog
      document_type: syslog
      input_type: log
    -
      paths:
        - /var/log/apache2/alfresco.mos-eisley.dk-*.log
        - /var/log/apache2/elk.mos-eisley.dk-*.log
      document_type: apache
      input_type: log
    -
      paths:
       - /var/log/ping-kaf.txt
      document_type: ping-log
      input_type: log

 

 

 

Other Stuff:

http://www.slideshare.net/aca_it/monitor-your-atlassian-stack-like-the-nsa

Elasticsearch CRUD

The Great Mapping Refactoring

 

PingLog i eget index

curl -O https://gist.githubusercontent.com/thisismitch/3429023e8438cc25b86c/raw/d8c479e2a1adcea8b1fe86570e42abab0f10f364/filebeat-index-template.json
root@elkserver:~# curl -XPUT 'http://localhost:9200/_template/pinglog?pretty' -d@filebeat-index-template.json
{
  "acknowledged" : true
}
root@elkserver:~#

  • Ingen etiketter